A Network Management Station (NMS) is using SNMP to manage some Cisco routers and switches with SNMPv2c. Using either the read-write or read-only community string is most accurately describes how the SNMP agent on a router authenticates any SNMP Get requests received from the NMS.SNMPv1 and SNMPv2c use community strings to authenticate Get and Set messages from an NMS. The agent defines a read-only community and can define a read-write community as well. Get requests, which read information, will be accepted if the NMS sends either the read-only or the read-write community with those requests.

A router has been configured with the global command snmp-server community textvalue1 RO textvalue2. The meaning of this command are the router's read-only community is textvalue1, and filters incoming SNMP messages using IPv4 ACL textvalue2.The first parameter after the community keyword defines the community value. At the end of the command, if a text value is listed but without an ipv6 keyword, the text value is the name of an IPv4 ACL. The ACL (textvalue2 in this case) filters incoming SNMP messages received by the SNMP agent on the device.

A router has been configured with the following command: snmp-server group one v3 auth write v1default. A command snmp-server user fred4 one auth sha pass1 would correctly define a user to associate with this SNMPv3 group to correctly define security parameters to work with an SNMP manager.To work correctly with an SNMP manager, the snmp-server user command must configure its parameters based on the security level in the referenced group as defined in the referenced snmp-server group command. In this case, the referenced snmp-server group command lists a security level of auth, so the snmp-server user command needs the auth keyword and associated parameters, but not the priv keyword and its associated parameters.

ICMP Echo-based IP SLA can collect and aggregate historical statistics.IP Service Level Agreement (IP SLA) can generate a variety of different types of probes, including some that use ICMP Echo messages, and some that mimic voice traffic. However, the question asks about "ICMP Echo-based" IP SLA, referring to the specific IP SLA probe that sends ICMP Echo Request messages.ICMP Echo probes with IP SLA do not require a router to be configured as an IP SLA responder, although many other types of IP SLA probes do require a responder. The Echo probes send a normal ICMP Echo Request, so the probe can be sent to any IP address, relying on that host to send back a normal ICMP Echo Reply.IP SLA on the source router will gather basic statistics. With the ICMP Echo probe, the probe does not measure jitter (ruling out another incorrect answer), but it does measure round-trip time (RTT). These statistics can be gathered into a history report, which can be useful when troubleshooting problems.

Examine the output taken from a router using IP SLA.

The probe send ICMP Echos to address 10.1.1.1 and the output confirms that an Echo Reply was received back as well.The show ip sla summary command lists one line of information about the most recent attempt to perform the actions of an IP SLA probe. The Type implies an ICMP Echo probe, and the destination defines the IP address to which the Echo is sent. The "OK" return code means not only was the probe message sent, but in this case, that an ICMP Echo Reply packet was received back.The Stats column lists the round-trip time (RTT), the two-way delay. The "1" on the far left of the output refers to the IP SLA operation number.

Host1 and Host2 connect to ports F0/1 and F0/2 on a LAN switch, respectively, so that frames sent by Host1 to Host2 will enter switch port Fa0/1 and exit switch port F0/2. All FastEthernet ports on the switch are access ports in VLAN 5. A network analyzer connects to port F0/9. A network engineer wants to use SPAN to direct traffic to the network analyzer. Use a SPAN source port of F0/2 for both direction of traffic for what traffic to direct to the analyzer with SPAN, if the goal is to gather all traffic sent between Host1 and Host2, but to avoid gathering multiple copies of the same frames. It will copy all frames sent by Host1 to Host2 (frames that the switch transmits out port F0/2), as well as frames sent by Host2 to Host1 (which will be frames received on switch port F0/2). This option does gather frames sent between Host2 and other hosts as well.If collecting from F0/1 for a single (transmit) direction, it gathers too little traffic. Frames sent by Host2 to Host1 would arrive in switch port F0/2 and then be sent out port F0/1 to Host1, and would be copied by the SPAN session. However, frames sent by Host1 would be received on switch port F0/1, and would not be copied by that SPAN session.If using VLAN 5 as a source would work, but because all FastEthernet ports on the switch are in VLAN 5, this option gathers more traffic than is necessary.If collecting traffic from both F0/1 and F0/2, but in both directions. This option would gather all frames sent between Host1 and Host2 twice, which would work, but more traffic than is required.

Using more than one SPAN source port in one SPAN session and an EtherChannel port as a SPAN source port are allowed when configuring Local SPAN sessions.Local SPAN has a variety of configuration dependencies. Each Local SPAN session can have multiple sources, but they must be either interfaces or VLANs, and not a mix. Source ports can include both access and trunk ports as well as EtherChannel interfaces. Finally, each SPAN destination port can be used in only one SPAN session at the same time. To reuse that destination port, you must first unconfigure the destination port from the original SPAN session (no monitor session destination) and then configure it to be part of another SPAN session.

PaaS cloud services is most likely to be used for software development.PaaS (Platform as a Service) supplies one or more virtual machines (VM) that have a working operating system (OS) as well as a predefined set of software development tools.Software as a Service (SaaS) supplies a predefined software application, but typically with no ability to then later install your own applications.IaaS (Infrastructure as a Service) supplies one or more working virtual machines (VMs), optionally with an OS installed, as a place where you can then customize the systems by installing your own applications, so it could be used for software development, but the developer would have to install a variety of development tools, making IaaS less useful than a PaaS service.http://blog.bossturteam.com/saas-paas-และ-iaas-คืออะไรSLBaaS (Server Load Balancing as a Service) can be offered as a cloud service, but it is not a general service in which customers get access to VMs on which they can then install their own applications.

IaaS cloud services is most likely to be purchased and then used to later install your own software applications.Platform as a Service (PaaS) could be used to install your own application, because PaaS does supply one or more VMs, but it is most likely used as a software development environment, a service designed specifically to be used for development, with VMs that include various tools that are useful for software development.

An enterprise plans to start using a public cloud service, and is considering different WAN options. Using private WAN connections directly to the cloud provider is the most issues if the company chooses one cloud provider but then later wants to change to use a different cloud provider instead.Both options that use the Internet allow for easier migration because public cloud providers typically provide easy access over the Internet. An intercloud exchange is a purpose-built WAN service that connects to enterprises as well as most public cloud providers, with the advantage of making the cloud migration process easier. The worst option in terms of being prepared for migrating to a new cloud provider - is to use a private WAN connection to one cloud provider. While useful in other ways, migrating when using this strategy would require installing a new private WAN connection to the new cloud provider.

An enterprise plans to start using a public cloud service, and is considering different WAN options. Using private WAN connections directly to the cloud provider and an intercloud exchange provide good security by keeping the data private while also providing good QoS services.Private WAN options use technologies like Ethernet WAN and MPLS, both of which keep data private by their nature and which include QoS services. An intercloud exchange is a purpose-built WAN service that connects to enterprises as well as most public cloud providers, using the same kinds of private WAN technology with those same benefits.For using an Internet connection with/without VPN, both use the Internet, so both cannot provide QoS services. The Internet VPN option does encrypt the data to keep it private.

A virtual network function in a public cloud service is a networking function implemented by the cloud provider for the customer as a VM that is directly accessible and configurable by the customer.A virtual network function (VNF) is a virtual version of a networking appliance, such as a virtual router (like the Cisco CSR) or virtual firewall (like the Cisco ASAv). VNFs are deployed as a VM, with customer access to the user interface, so that customers can then configure the VNF to meet their needs.Cloud providers can implement many networking services that create the cloud network, but not give the customer direct access to the VM or appliance. For instance, public cloud providers typically provide DNS services and address assignment services that use DHCP behind the scenes, but without giving the customer direct access to a VM that implements a DNS or DHCP server.

A Layer 2 switch examines a frame's destination MAC address and chooses to forward that frame out port G0/1 only. That action is an action that occurs as part of Data plane of the switch.The data plane includes all networking device actions related to the receipt, processing, and forwarding of each message.The term table plane is not used in networking.The management plane and control plane are not concerned with the per-message forwarding actions.

A router uses EIGRP to learn routes and adds those to the IPv4 routing table. That action is an action that occurs as part of Control plane of the switch.The control plane includes all networking device actions that create the information used by the data plane when processing messages.The control plane includes functions like IP routing protocols and Spanning Tree Protocol (STP).The management plane and data plane are not concerned with collecting the information that the data plane then uses.

A network uses an SDN architecture with switches and a centralized controller. Data plane functions found on the switches but not on the controller.Although many variations of SDN architectures exist, they typically use a centralized controller. That controller may centralize some or even all control plane functions in the controller. However, the data plane function of receiving messages, matching them based on header fields, taking actions (like making a forwarding decision), and forwarding the message still happens on the network elements (switches) and not on the controller.The control plane functions may all happen on the controller, or some may happen on the controller, and some on the switches. The Northbound and Southbound Interfaces are API interfaces on the controller, not on the switches.

Cisco Open SDN Controller uses a mostly centralized control plane model.The Cisco Open SDN Controller uses an Open SDN model with an OpenFlow Southbound Interface as defined by the Open Networking Foundation (ONF). The ONF SDN model centralizes most control plane functions.The APIC (Application Policy Infrastructure Controller) model for data centers partially centralizes control plane functions.The APIC-EM (APIC Enterprise Module) controller (as of time of publication) makes no changes to the control plane of routers and switches, leaving those to run with a completely distributed control plane.

Host A and Host B sit in two different subnets. The path between the subnets of these two hosts runs though three different Layer 3 forwarding devices (routers and Layer 3 switches). A network engineer uses the APIC-EM Path Trace ACL Analysis tool to analyze the path used for Host A to send packets to Host B. Discovery of the topology that exists between the two hosts is done specifically by the ACL Analysis or ACL Trace part of the tool.APIC-EM does also these features:Analysis of the Layer 3 forwarding decisions in the path from Host A to BAnalysis of the Layer 2 forwarding decisions in the path from Host A to BAnalysis of the impact of ACLs on the packets that would flow from Host A to BAPIC-EM has a built-in function to discover the topology of a network, using a variety of protocols such as SSH, CDP, and LLDP. Once discovered, the APIC-EM Path Trace feature analyzes the forwarding tables on each device in comparison to a source and destination as typed in by an APIC-EM user. Path Trace then determines the path through the network, including the Layer 2 and Layer 3 paths.The feature that uses the name Path Trace ACL Analysis (or Path Trace ACL Trace, or a similar name) refers to the additional analysis done by APIC-EM to then compare that imaginary packet to the ACLs that exist in the network. The tool shows the ACLs and points out which ACLs would deny (that is, discard) the packet based on its current configuration.

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction represents NIST's definition of cloud computing.

Server, Data storage, and Network bandwidth are data center resources that can be offered through cloud computing.